07 Feb, 2008
8 commits
-
Jeff Moyer pointed out that a mount; umount loop of ecryptfs, with the same
cipher & other mount options, created a new ecryptfs_key_tfm_cache item
each time, and the cache could grow quite large this way.Looking at this with mhalcrow, we saw that ecryptfs_parse_options()
unconditionally called ecryptfs_add_new_key_tfm(), which is what was adding
these items.Refactor ecryptfs_get_tfm_and_mutex_for_cipher_name() to create a new
helper function, ecryptfs_tfm_exists(), which checks for the cipher on the
cached key_tfm_list, and sets a pointer to it if it exists. This can then
be called from ecryptfs_parse_options(), and new key_tfm's can be added
only when a cached one is not found.With list locking changes suggested by akpm.
Signed-off-by: Eric Sandeen
Cc: Michael Halcrow
Cc: Jeff Moyer
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Only the lower byte of cipher_code is ever used, so it makes sense
for its type to be u8.Signed-off-by: Trevor Highland
Cc: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
The printk statements that result when the user does not have the
proper key available could use some refining.Signed-off-by: Mike Halcrow
Cc: Mike Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
ecryptfs_debug really should not be a mount option; it is not per-mount,
but rather sets a global "ecryptfs_verbosity" variable which affects all
mounted filesysytems. It's already settable as a module load option,
I think we can leave it at that.Also, if set, since secret values come out in debug messages, kick
things off with a stern warning.Signed-off-by: Eric Sandeen
Acked-by: Mike Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Change ecryptfs_show_options to reflect the actual mount options in use.
Note that this does away with the "dir=" output, which is not a valid mount
option and appears to be unused.Mount options such as "ecryptfs_verbose" and "ecryptfs_xattr_metadata" are
somewhat indeterminate for a given fs, but in any case the reported mount
options can be used in a new mount command to get the same behavior.[akpm@linux-foundation.org: fix printk warning]
Signed-off-by: Eric Sandeen
Acked-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
There is no need to keep re-setting the same key for any given eCryptfs inode.
This patch optimizes the use of the crypto API and helps performance a bit.Signed-off-by: Trevor Highland
Signed-off-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Remove internal references to header extents; just keep track of header bytes
instead. Headers can easily span multiple pages with the recent persistent
file changes.Signed-off-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
- make the following needlessly global code static:
- crypto.c:ecryptfs_lower_offset_for_extent()
- crypto.c:key_tfm_list
- crypto.c:key_tfm_list_mutex
- inode.c:ecryptfs_getxattr()
- main.c:ecryptfs_init_persistent_file()- remove the no longer used mmap.c:ecryptfs_lower_page_cache
- #if 0 the unused read_write.c:ecryptfs_read()
Signed-off-by: Adrian Bunk
Cc: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
06 Feb, 2008
1 commit
-
Simplify page cache zeroing of segments of pages through 3 functions
zero_user_segments(page, start1, end1, start2, end2)
Zeros two segments of the page. It takes the position where to
start and end the zeroing which avoids length calculations and
makes code clearer.zero_user_segment(page, start, end)
Same for a single segment.
zero_user(page, start, length)
Length variant for the case where we know the length.
We remove the zero_user_page macro. Issues:
1. Its a macro. Inline functions are preferable.
2. The KM_USER0 macro is only defined for HIGHMEM.
Having to treat this special case everywhere makes the
code needlessly complex. The parameter for zeroing is always
KM_USER0 except in one single case that we open code.Avoiding KM_USER0 makes a lot of code not having to be dealing
with the special casing for HIGHMEM anymore. Dealing with
kmap is only necessary for HIGHMEM configurations. In those
configurations we use KM_USER0 like we do for a series of other
functions defined in highmem.h.Since KM_USER0 is depends on HIGHMEM the existing zero_user_page
function could not be a macro. zero_user_* functions introduced
here can be be inline because that constant is not used when these
functions are called.Also extract the flushing of the caches to be outside of the kmap.
[akpm@linux-foundation.org: fix nfs and ntfs build]
[akpm@linux-foundation.org: fix ntfs build some more]
Signed-off-by: Christoph Lameter
Cc: Steven French
Cc: Michael Halcrow
Cc:
Cc: Steven Whitehouse
Cc: Trond Myklebust
Cc: "J. Bruce Fields"
Cc: Anton Altaparmakov
Cc: Mark Fasheh
Cc: David Chinner
Cc: Michael Halcrow
Cc: Steven French
Cc: Steven Whitehouse
Cc: Trond Myklebust
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
29 Jan, 2008
1 commit
-
Create a specific helper for netlink kernel socket disposal. This just
let the code look better and provides a ground for proper disposal
inside a namespace.Signed-off-by: Denis V. Lunev
Tested-by: Alexey Dobriyan
Signed-off-by: David S. Miller
25 Jan, 2008
8 commits
-
There is no need for kobject_unregister() anymore, thanks to Kay's
kobject cleanup changes, so replace all instances of it with
kobject_put().Cc: Kay Sievers
Signed-off-by: Greg Kroah-Hartman -
Using a kset for this trivial directory is an overkill.
Cc: Kay Sievers
Cc: Mike Halcrow
Cc: Phillip Hellewell
Signed-off-by: Greg Kroah-Hartman -
This file violates the one-value-per-file sysfs rule.
If you all want it added back, please do something like a per-feature
file to show what is present and what isn't.Cc: Kay Sievers
Cc: Mike Halcrow
Cc: Phillip Hellewell
Signed-off-by: Greg Kroah-Hartman -
Switch all dynamically created ksets, that export simple attributes,
to kobj_attribute from subsys_attribute. Struct subsys_attribute will
be removed.Signed-off-by: Kay Sievers
Cc: Mike Halcrow
Cc: Phillip Hellewell
Signed-off-by: Greg Kroah-Hartman -
This also renames fs_subsys to fs_kobj to catch all current users with a
build error instead of a build warning which can easily be missed.Cc: Kay Sievers
Signed-off-by: Greg Kroah-Hartman -
Dynamically create the kset instead of declaring it statically.
Cc: Kay Sievers
Cc: Mike Halcrow
Cc: Phillip Hellewell
Signed-off-by: Greg Kroah-Hartman -
We don't need a "default" ktype for a kset. We should set this
explicitly every time for each kset. This change is needed so that we
can make ksets dynamic, and cleans up one of the odd, undocumented
assumption that the kset/kobject/ktype model has.This patch is based on a lot of help from Kay Sievers.
Nasty bug in the block code was found by Dave Young
Cc: Kay Sievers
Cc: Dave Young
Signed-off-by: Greg Kroah-Hartman -
It isn't that hard to add simple kset attributes, so don't go through
all the gyrations of creating your own object type and show and store
functions. Just use the functions that are already present. This makes
things much simpler.Note, the version_str string violates the "one value per file" rule for
sysfs. I suggest changing this now (individual files per type supported
is one suggested way.)Cc: Michael A. Halcrow
Cc: Michael C. Thompson
Cc: Tyler Hicks
Signed-off-by: Greg Kroah-Hartman
09 Jan, 2008
1 commit
-
This patch corrects some erroneous dentry handling in eCryptfs.
If there is a problem creating the lower file, then there is nothing that
the persistent lower file can do to really help us. This patch makes a
vfs_create() failure in the lower filesystem always lead to an
unconditional do_create failure in eCryptfs.Under certain sequences of operations, the eCryptfs dentry can remain in
the dcache after an unlink. This patch calls d_drop() on the eCryptfs
dentry to correct this.eCryptfs has no business calling d_delete() directly on a lower
filesystem's dentry. This patch removes the call to d_delete() on the
lower persistent file's dentry in ecryptfs_destroy_inode().(Thanks to David Kleikamp, Eric Sandeen, and Jeff Moyer for helping
identify and resolve this issue)Signed-off-by: Michael Halcrow
Cc: Dave Kleikamp
Cc: Eric Sandeen
Cc: Jeff Moyer
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
24 Dec, 2007
3 commits
-
Thanks to Jeff Moyer for pointing this out.
If the RDWR dentry_open() in ecryptfs_init_persistent_file fails,
it will do a dput/mntput. Need to re-take references if we
retry as RDONLY.Signed-off-by: Eric Sandeen
Acked-by: Mike Halcrow
Signed-off-by: Jeff Moyer
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Thanks to Josef Bacik for finding these.
A couple of ecryptfs error paths don't properly unlock things they locked.
Signed-off-by: Eric Sandeen
Cc: Josef Bacik
Cc: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Passing a cipher name > 32 chars on mount results in an overflow when the
cipher name is printed, because the last character in the struct
ecryptfs_key_tfm's cipher_name string was never zeroed.Signed-off-by: Eric Sandeen
Acked-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
18 Dec, 2007
3 commits
-
ecryptfs in 2.6.24-rc3 wasn't surviving fsx for me at all, dying after 4
ops. Generally, encountering problems with stale data and improperly
zeroed pages. An extending truncate + write for example would expose stale
data.With the changes below I got to a million ops and beyond with all mmap ops
disabled - mmap still needs work. (A version of this patch on a RHEL5
kernel ran for over 110 million fsx ops)I added a few comments as well, to the best of my understanding
as I read through the code.Signed-off-by: Eric Sandeen
Acked-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
eCryptfs wasn't setting s_blocksize in it's superblock; just pick it up
from the lower FS. Having an s_blocksize of 0 made things like "filefrag"
which call FIGETBSZ unhappy.Signed-off-by: Eric Sandeen
Acked-by: Mike Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
ecryptfs_destroy_mount_crypt_stat() checks whether each
auth_tok->global_auth_tok_key is nonzero and if so puts that key. However,
in some early mount error paths nothing has initialized the pointer, and we
try to key_put() garbage. Running the bad cipher tests in the testsuite
exposes this, and it's happy with the following change.Signed-off-by: Eric Sandeen
Cc: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
15 Nov, 2007
1 commit
-
page->index should be cast to loff_t instead of off_t.
Signed-off-by: Michael Halcrow
Reported-by: Eric Sandeen
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
06 Nov, 2007
2 commits
-
Release the crypt_stat hash mutex on allocation error. Check for error
conditions when doing crypto hash calls.Signed-off-by: Michael Halcrow
Reported-by: Kazuki Ohta
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
The extent_offset is getting incremented twice per loop iteration through any
given page. It should only be getting incremented once. This bug should only
impact hosts with >4K page sizes.Signed-off-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
27 Oct, 2007
1 commit
-
This patch fixes the errors made in the users of the crypto layer during
the sg_init_table conversion. It also adds a few conversions that were
missing altogether.Signed-off-by: Herbert Xu
Signed-off-by: David S. Miller
24 Oct, 2007
1 commit
-
Most drivers need to set length and offset as well, so may as well fold
those three lines into one.Add sg_assign_page() for those two locations that only needed to set
the page, where the offset/length is set outside of the function context.Signed-off-by: Jens Axboe
23 Oct, 2007
1 commit
-
Signed-off-by: Jens Axboe
19 Oct, 2007
1 commit
-
Make sure ecryptfs doesn't trip the BUG() in notify_change. This also allows
the lower filesystem to interpret ATTR_KILL_S*ID in its own way.Signed-off-by: Jeff Layton
Cc: Michael Halcrow
Cc: Christoph Hellwig
Cc: Neil Brown
Cc: "J. Bruce Fields"
Cc: Chris Mason
Cc: Jeff Mahoney
Cc: "Vladimir V. Saveliev"
Cc: Josef 'Jeff' Sipek
Cc: Trond Myklebust
Cc: Steven French
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds
17 Oct, 2007
8 commits
-
This patch cleans up duplicate includes in
fs/ecryptfs/Signed-off-by: Jesper Juhl
Cc: Michael A Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Slab constructors currently have a flags parameter that is never used. And
the order of the arguments is opposite to other slab functions. The object
pointer is placed before the kmem_cache pointer.Convert
ctor(void *object, struct kmem_cache *s, unsigned long flags)
to
ctor(struct kmem_cache *s, void *object)
throughout the kernel
[akpm@linux-foundation.org: coupla fixes]
Signed-off-by: Christoph Lameter
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
The functions that eventually call down to ecryptfs_read_lower(),
ecryptfs_decrypt_page(), and ecryptfs_copy_up_encrypted_with_header()
should have the responsibility of managing the page Uptodate
status. This patch gets rid of some of the ugliness that resulted from
trying to push some of the page flag setting too far down the stack.Signed-off-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Replace some magic numbers with sizeof() equivalents.
Signed-off-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
The switch to read_write.c routines and the persistent file make a number of
functions unnecessary. This patch removes them.Signed-off-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Initialize persistent lower file on inode create.
Signed-off-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Update data types and add casts in order to avoid potential overflow
issues.Signed-off-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds -
Convert readpage, prepare_write, and commit_write to use read_write.c
routines. Remove sync_page; I cannot think of a good reason for implementing
that in eCryptfs.Signed-off-by: Michael Halcrow
Signed-off-by: Andrew Morton
Signed-off-by: Linus Torvalds